The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding state-sponsored actors and cyber mercenaries actively exploiting commercial spyware to infiltrate Signal and WhatsApp accounts. These malicious actors are targeting "high-value" users, gaining access to devices, and covertly extracting information.
CISA's alert highlights the diverse tactics employed by these attackers, including phishing campaigns, the use of fraudulent QR codes, malicious apps designed to impersonate legitimate ones, and even zero-click exploits. These methods allow them to compromise messaging applications that are generally considered secure by the public.
The agency's observations suggest a growing trend towards targeting individuals deemed "high-value", encompassing current and former high-ranking officials from government, military, and political sectors, as well as civil society organisations spanning the US, the Middle East, and Europe. A common approach involves deploying spyware initially and subsequently gathering information, using this initial access point to introduce further malicious software and deepen their level of access to the compromised systems.
Artículos relacionados de LaRebelión:
- Cybersecurity Hacking Online Courses November 2025
- Critical Sudo Vulnerability Alert Local Root Escalation
- Argo CD API Exposes Repository Credentials Vulnerability Alert
- WhatsApp Guest Chats Chat with Anyone Even Without an Account New Feature Explained
Artículo generado mediante LaRebelionBOT
No hay comentarios:
Publicar un comentario